Project: Wordpress Plugin Photo Video Store 18.05

Vulnerability: #8928908 (2018-07-26 19:04:27)

Warning

There are many false positives, or unexploitable vulnerabilities. Please create working "PoC" exploit before reporting anything to vendor!

Details:

Sink PHP::echo
Risk _REQUEST
/photo-video-store/templates/content_list_menu_fotolia.php:275 (show/hide source)
255  }
256  ?>
257  			</select>
258  		</div>	
259  		
260  		<div class="search_title2 field_color"><b><?php echo pvs_word_lang( "color" )?>:</b></div>
261  		<div class="search_text2 field_color">
262  		<?php
263  if ( ! isset( $_REQUEST["color"] ) ) {
264  	$_REQUEST["color"] = "FFFFFF";
265  }
266  ?>
267  		<input type='hidden' id='color' name='color' value='<?php echo $_REQUEST["color"] ?>' />
268  		<div id="customWidget" style="margin-left:-4px">
269  		<div id="colorSelector2"><div style="background-color: #<?php echo $_REQUEST["color"] ?>"></div></div>
270  	                <div id="colorpickerHolder2">
271  	                </div>
272  	</div>
273  	
274  	<script>jQuery('#colorSelector2').ColorPicker({
275 color: '#<?php echo $_REQUEST["color"] ?>',
276 onShow: function (colpkr) { 277 jQuery(colpkr).fadeIn(500);
Threat level 2

Callstack:

@INLINE::/photo-video-store/templates/content_list_menu_fotolia.php /photo-video-store/templates/content_list_menu_fotolia.php:275 (show/hide source)
255  }
256  ?>
257  			</select>
258  		</div>	
259  		
260  		<div class="search_title2 field_color"><b><?php echo pvs_word_lang( "color" )?>:</b></div>
261  		<div class="search_text2 field_color">
262  		<?php
263  if ( ! isset( $_REQUEST["color"] ) ) {
264  	$_REQUEST["color"] = "FFFFFF";
265  }
266  ?>
267  		<input type='hidden' id='color' name='color' value='<?php echo $_REQUEST["color"] ?>' />
268  		<div id="customWidget" style="margin-left:-4px">
269  		<div id="colorSelector2"><div style="background-color: #<?php echo $_REQUEST["color"] ?>"></div></div>
270  	                <div id="colorpickerHolder2">
271  	                </div>
272  	</div>
273  	
274  	<script>jQuery('#colorSelector2').ColorPicker({
275 color: '#<?php echo $_REQUEST["color"] ?>',
276 onShow: function (colpkr) { 277 jQuery(colpkr).fadeIn(500);